2023-10-10
FEATURE ENHANCEMENT - QR Code Detection and Policy Text - Phish Fence (Inbound Mail Protection)
NEW THREAT CATEGORY QR Code
Since the start of 2023, INKY has incorporated QR Code detection methods into our processing. Due to a recent surge in QR Code-related threats, we've now introduced a distinct QR Code threat category, rather than keeping it as a behind-the-scenes flag. This category is enabled by default. However, it can be toggled on/off at: https://app.inkyphishfence.com/settings/analysis.
If INKY identifies a QR code in a message, that message will be marked with a "QR Code" result and assigned a "Caution" or "Danger" threat level, based on other suspicious content found.
Admins also have the flexibility to customize the QR code policy text and its associated URL. By default, emails with detected QR Codes will include the specific notification text below.
Beware of unexpected QR codes from unknown senders.
FEATURE ENHANCEMENT - Top-Level Domains (TLDs) and Public Suffixes blocking - Phish Fence (Inbound Mail Protection)
NEW THREAT CATEGORY Blocked Top-Level Domain
In addition to the current blocked sender location functionality, we’ve added the ability to block top level domains (TLDs) and public suffixes (e.g., co.uk
). This blocking mechanism is enforced against the following mail properties.
MAIL FROM envelope address
From or Reply-To header address
Link URLs
Image URLs
Additionally, there's a new feature to "Automatically block ccTLDs (Country Code Top-Level Domains) based on the chosen Blocked Sender Location." For instance, if Montenegro (.me) is selected, its country code will also be considered a Blocked Top-Level Domain, alongside the Blocked Sender Location.
Configure these new settings at the bottom of this page: https://app.inkyphishfence.com/settings/analysis and learn more about the section here: Additional Analysis.